The SURF Security Lifeguard Report

Keeping you afloat in dangerous times

Welcome to the latest edition of the SURF Security Lifeguard Report, our roundup of the top cybersecurity stories from the past fortnight. We bring you the latest news to keep your cyber-strategy on the right track. And sprinkle in some extra facts about SURF Security you may not know.

Regulated and proprietary data comprises large share of GenAI policy violations

GenAI applications are now used in almost all (96%) organisations, increasing the risk of data leakage and compliance risks, according to a new study. Regulated data (35%) and intellectual property (15%) comprise half of the information shared with GenAI aps. And sharing of proprietary source code accounts for 46% of all data policy violations. There’s been a 75% annual increase in the number of organisations turning to data loss prevention (DLP) tools to mitigate such risks.

SURF Security offers a range of GenAI protection and DLP capabilities, including the masking of personally identifiable information, restricting access for non-privileged users, preventing the inclusion of prompts containing sensitive data, and disabling paste functions.

Most organisations are concerned about shadow IT rise

Some 84% of organisations are concerned about shadow IT, according to a new study. Respondents cite various risks, including an inability to discover all the apps used by employees, business users moving too fast, lack of communication, and not having an asset management solution to deal with the problem.

SURF Security can monitor for shadow IT usage and limit access to certain sites and apps based on content categories, custom rules and keywords.

Malicious candidate infiltrates cybersecurity company

Cybersecurity company KnowBe4 unwittingly hired a North Korean spy into its ranks, it has revealed. The threat actor used AI tools and a stolen identity to bypass background checks and ace four video interviews during the screening process. The principal software engineer was ultimately unmasked after attempting to install information-stealing malware on KnowBe4 devices.

SURF Security can monitor for suspicious insider behaviour, offering a session kill switch if necessary. We also block malware downloads.

Phishing campaigns piggyback on Global IT outage

A global IT outage traced to a buggy CrowdStrike update has been used by cybercriminals as a lure for phishing attacks. In one widely reported campaign, phishing emails were loaded with an attachment purporting to contain a ‘recovery manual’ for Windows devices. In fact, the attachments contained info-stealing malware.

SURF Security offers a range of anti-phishing features – including trusted domain, reputation and SSL certificate checks. We also block malware downloads for users.

Massive malware distribution operation traced to GitHub

Security researchers have discovered a massive malware distribution campaign using thousands of fake GitHub accounts. The Stargazers Ghost Network has been deploying malware hidden in repositories linked to at least 3,000 “ghost” accounts on the popular developer platform. Info-stealer malware variants used in the campaign include RedLine, Lumma Stealer, Rhadamanthys, RisePro, and Atlantida Stealer.

SURF Security allows admins to block access to specific sites and content, and will also block downloads of malware.